fuyang_lipengjun platform ScheduleJobLogController.java queryPage sql injection_CVE-2025-7936

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in fuyang_lipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a and classified as critical. Affected by this vulnerability is the function queryPage of the file com/platform/controller/ScheduleJobLogController.java. The manipulation of the argument beanName/methodName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Basic Information

ID CVE-2025-7936

Source VulDB

Published Jul 21, 2025 at 19:32

Modified Jul 21, 2025 at 20:00

Affected Product

Vendor fuyang_lipengjun

Product platform

Version ca9aceff6902feb7b0b6bf510842aea88430796a

Affected Versions fuyang_lipengjun platform ca9aceff6902feb7b0b6bf510842aea88430796a

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in fuyang_lipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a and classified as critical. Affected by this vulnerability is the function queryPage of the file com/platform/controller/ScheduleJobLogController.java. The manipulation of the argument beanName/methodName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.",
    "published": "2025-07-21T19:32:10.267Z",
    "modified": "2025-07-21T20:00:04.935Z",
    "type": "cve",
    "title": "fuyang_lipengjun platform ScheduleJobLogController.java queryPage sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317065\nhttps://vuldb.com/?ctiid.317065\nhttps://vuldb.com/?submit.618979\nhttps://gitee.com/fuyang_lipengjun/platform/issues/ICLIK1",
    "id": "CVE-2025-7936",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "fuyang_lipengjun platform ca9aceff6902feb7b0b6bf510842aea88430796a",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "platform",
    "version": "ca9aceff6902feb7b0b6bf510842aea88430796a",
    "vendor": "fuyang_lipengjun",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}